From: Gary Britt 

Yep, that was the stuff I saw on their website that made the program look
interesting.  On the Comodo firewall.  I just installed it on my main
laptop and set it to the highest alert level, and to automatically
configure those things the program already knew were safe.

I have to say I liked it.  The interface is similar to the skinned version
of Avast I use for antivirus.  It is a simple interface I guess, but I
found that the interface was really just fine for me my uses, but I have a
pretty generic home setup and I'm not doing anything complicated of fancy
as some of the others here do.

I like Comodo's interface better than UI of both McAfee and Norton
firewalls, and Comodo didn't bug the crap out of me with alerts upon first
use.  I got about 10 alerts, checked the box to have it remember my choices
and that was it.  On Comodo's highest alert level its checking programs
that load dll's into other programs and a lot of other stuff (each one of
these items are separately configurable via check boxes so you can
customize the level of checking quite a bit from the various default
levels.  Several of the alerts I got were with regard to my clipboard
utility program and macro hotkeys programs, etc.  These alerts weren't even
directly related to internet/lan access.  If I had the program set to its
default level of security that would have cut my initial alerts in half.

After the first 5 minutes I'm happily using it without being annoyed to
death with alerts unlike McAfee and Norton.  I think its built-in known
good apps stuff must be pretty good, and you can see a log/list of all the
apps and dll's it is currently configured to allow and then make changes if
necessary.  Sorting the list by vendor name, program name, etc. is all
possible.

Comodo does not appear to have the sandbox features of CoreForce, and if
CoreForce's UI, usability, and ease of initial use were comparable or
better than Comodo, it would seem to me the sandbox feature of CoreForce
would give it the nod.  It'll be interesting to see what users of CoreForce
report back.

One note, I got an attempted to connection to IGMP.MCAST.NET [224.0.0.22]
that was blocked by default.  Searching google indicated this wasn't likely
a trojan or spyware but XP itself trying to talk to my home router about
something.  It doesn't seem that Comodo blocking this automatically caused
something not to work.  Anybody else have thoughts different from this on
the IGMP.MCAST.NET thing?


Gary

Geo. wrote:
> Got this today.
>
> Geo.
>
> Greetings
> CoreLabs, the research arm of Core Security Technologies, is pleased to
> announce a new release of CORE FORCE, a free software endpoint security
> solution.
> Core FORCE, a fully functional endpoint protection software for Windows 2000
> and Windows XP systems, is released under the Apache 2.0 license and is
> available for download at http://force.coresecurity.com.
> CORE FORCE R0.95 b167 provides new features and updates based on user
> feedback. Programs can now be moved across security profiles while they run.
> Two new default security profiles have been added to run trusted and
> untrusted programs in generic sandboxes.
> This release of CORE FORCE includes the following new features:
> * New security profiles for Trusted Programs and Untrusted Programs.
> * Support to change the security profile for programs while they are
> running.
> * New Run with security profile command to launch a program in a specific
> security sandbox.
> * Alert notifications have been overhauled to provide more accurate
> information and options to the user.
> * Support for configuration of multiple executables in a program's security
> profile.
> * Firewall rules can now be configured for specific protocols other than
> TCP, UDP & ICMP.
> * Generic permissions can now be configured to initialize security levels'
> permissions on a new program's security profile.
> These new features have been designed to work together in common scenarios:
> * If you want to install a new program and avoid restrictions for the
> installer, you can launch it in the new Trusted Programs sandbox (or move it
> to that security profile when it's running).
> * If you download a suspicious program from the web and want to check it
> out, you can run it in the Untrusted Programs sandbox where it won't be able
> to write or delete stuff in your computer and communicate with remote
> computers without your knowledge.
> As in previous releases, we continue to improve CORE FORCE's stability and
> compatibility based on feedback from beta users.
> For more information about this new release, please go here:
>
http://force.coresecurity.com/index.php?module=articles&func=display&aid=30
> - The CORE FORCE team {at} CoreLabs
>
> *About CoreLabs*
>
> CoreLabs, the research center of Core Security Technologies located in
> Buenos Aires, Argentina, is charged with anticipating the future needs and
> requirements for information security technologies. CoreLabs, which is led
> by Ariel Futoransky, prides itself on taking a holistic view of information
> security with a focus on developing solutions to the complex, real-world
> security problems that affect our customers today or will affect them
> tomorrow.
>
> The solutions developed by CoreLabs leverage the collaborative expertise of
> our world-class engineering and consulting teams. We conduct our research in
> several important areas of information security including vulnerability
> research, cyber attack planning and simulation, source code auditing,
> endpoint security, web application security and
> cryptography.
>
> *About Core Security Technologies*
>
> Core Security Technologies develops strategic solutions that help
> security-conscious organizations worldwide develop and maintain a proactive
> process for securing their networks. The company's flagship product, CORE
> IMPACT, is the first automated penetration testing product for assessing
> specific information security threats to an organization.
> Penetration testing evaluates overall network security and identifies what
> resources are exposed. It enables organizations to determine if current
> security investments are detecting and preventing attacks. Core augments its
> leading technology solution with world-class security consulting services,
> including penetration testing, software security auditing and related
> training. Headquartered in Boston, MA, Core
> Security Technologies can be reached at 617-399-6980 or on the Web at
> http://www.coresecurity.com.
>
>

--- BBBS/NT v4.01 Flag-5